Hi
Got whats probably a stupid question - but I've been made to doubt myself by a guy who's above me at work

I'm planning on spliting our lan into 2, maybe 3 chunks in an effort to control traffic better - at the moment things have gone bad due to the number of hubs and machines we've added along with a big increase in use.

My plan is to use linux boxes to route between the subnets. I say this will work fine and dandy. The subnets are mainly 10Mbit and I'll use 100Mbit conenctions between the subnets.

Now the problem as it were... bloke at work says that won't work very well and will cripple us when it comes to doing things like video conferencing and other high bandwidth applications.

Our ISP provides us with a 2Mbit eachway connection, which is already NATed. I won't be using NAT internally - we get 10.4.20.0/22 address range and I'll split that with 24bit mask internally.

I say this will work... any views from the peeps here, of any kind appreciated.

It should work just fine, especially if you are just doing routing. I'm curious why he said it wouldn't work very well. Did he provide an alternate solution?

Well, the network speed would not decrease/increase whether you have one subnet or 100 subnet. The network access speed depends on how many switch/routers are between server and client. Also it depends on what equipments 10 or 100 MB uses.
If you will use video conferencing, probably better to have two subnet with 100 MB.
One thing that i don't understand is the range you got from your ASP is already NATed? How? Do they provide you a bridge/firewall protection for your 10.4.x.x network?

Sunny,

Stickman - no, he didn't really supply either a reason or an alternative solution. Bet you can guess my opinion of him

Lintadsl - cheers for the comments, I agree, its the number of hubs/switches that holds the problem.

As for the setup we have to endure.... a bit of background. We (I) are a school in the UK. We have been provided an "internet" connection by a regional provider setup just for schools. They use the 10.x.x.x range to run this internally. They control the firewall between their network and the Internet.

We don't get any direct IP addresses to use - we can have 5 10.x.x.x addresses which map (NAT) to real IP addresses on their firewall. Everything else gets masqueraded through a common gateway/IP.

My problem is that the primary router which connects my lan to their network belongs to them and they won't give me admin access to it (and i'm guessing trying to "give myself access" would not be good for job security ). I'm determined to get them to make the changes needed on the router to make my dammed network run ok again (we can't afford to buy any expensive switches or move to gigabit or anything like that).

Now, i see a little bit of your situation. Let me get this correctly, you want to setup a router which will route two subnet on your lan or setup a router that will handle all the traffic on your lan and masq. to their network? Or both? Since you don't have admin access to the primary router, I would setup my own router that will handle masq. route two subnet. Of course connect this router to the primary router. This way you have your own network setup and easy to change/admin your own network. Probably install MRTG on your router to see the traffic.
Good luck.
Lintadsl

One of the first problems you will have is routing the broadcast packets that Windoze uses to advertise NetBios names.
Broadcast/Multicast addresses aren't passed by default. You will need something extra to do that. Either some iptables rules, or a routing package...
There have been discussions here already and there is most likely a package to do that, but I've yet to see it.
The speed will never be a problem unless you are using a fossil for a pc.
One box with the external interface and as many internal interfaces as you can handle will work very well. There are even 3 & 4 port pci Ethernet cards available. One box will make the routing table more manageable as well.

Regards,
Peter

Hi
Lintadsl, thats about the size of the problem. I may well end up sticking a router between our network and the ISP's, but I'd rather get them to change the router And what's MRTG? Some kind of traffic monitoring? Would be handy to have some figures to back me up I guess...

Peter, thanks for the vote of confidence on the routing. So far as netbois name resolution goes we have a wins server running, so won't be a problem, and in turn cuts down on all the nasty broadcast traffic too.
However, would you happen to know if linux forwards DHCP requests? I'm fairly sure when I played with it before it did, but I don't like surprises all that much...

Cheers

No, not by default.
It also uses a 255.255.255.255 broadcast address and a 0.0.0.0 source address.
You'll need to make rules to allow these freely, or find the routing package that does it.

And having said that, I should really go and find one for myself...

Regards,
Peter

You can see MRTG running from my www site. Also you can get info/download it from http://people.ee.ethz.ch/~oetiker/webtools/mrtg/

Since you have wins running in your area, why do you worry about forwarding DHCP request? I think I am kind of lost what you want.

Lintadsl,

lintadsl, cheers for the reply - I shall have a look at that. Though re. wins and dhcp... wins just resolves netbios names to IP addresses, not hands them out. Wins sorts the machines for finding each other once they've got an IP, a bit like DNS if you will.
If it becomes a problem, I'll run more than one DHCP server...